Skip to content

Azure.DevOps.ServiceConnections.InheritedPermissions.md

Latest commit

 

History

History
28 lines (18 loc) · 916 Bytes

Azure.DevOps.ServiceConnections.InheritedPermissions.md

File metadata and controls

28 lines (18 loc) · 916 Bytes
category Microsoft Azure DevOps Service Connections
severity Severe
online version https://github.com/cloudyspells/PSRule.Rules.AzureDevOps/blob/main/src/PSRule.Rules.AzureDevOps/en/Azure.DevOps.ServiceConnections.InheritedPermissions.md

Azure.DevOps.ServiceConnections.InheritedPermissions

SYNOPSIS

Service connection permissions should not be inherited from the project.

DESCRIPTION

Service connection permissions should not be inherited from the project. Inherited permissions can lead to unexpected access to sensitive information and resources.

Mininum TokenType: FineGrained

RECOMMENDATION

Consider removing inherited permissions from the service connection and setting permissions explicitly.

LINKS